added lb code

.github/workflows/deploy-genai-appstack.yml

@@ -80,3 +80,10 @@ jobs:
       - name: Terraform Apply
         if: github.ref == 'refs/heads/deploy-genai-appstack' && github.event_name == 'push'
         run: terraform apply -auto-approve -input=false
+
+      - name: Deploy App
+        run: |
+          curl -LO https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl && chmod +x kubectl
+          curl --location --header 'Access-Control-Allow-Origin: *'  --data-raw '{"expirationTimestamp":"2100-09-14T09:02:25.547659194Z"}' --request POST 'https://treino.console.ves.volterra.io/api/web/namespaces/system/sites/jani-appstack/global-kubeconfigs' --cert api.p12:Jani_123 > ves_default_k8.yaml
+          ./kubectl apply -f llm.yaml --kubeconfig=ves_default_k8.yaml
+          ./kubectl apply -f langchain-doc-qa-api.yaml --kubeconfig=ves_default_k8.yaml

workflow-guides/smcn/genai-inference-at-the-edge/terraform/managed_k8s.tf

@@ -24,7 +24,7 @@ resource "volterra_k8s_cluster" "mk8s" {
 #}
 
 resource "volterra_aws_vpc_site" "this" {
-  name        = var.site_name
+  name        = format("%s-appstack", var.project_prefix)
   namespace   = "system"
   aws_region  = var.aws_region
   ssh_key     = var.ssh_key

workflow-guides/smcn/genai-inference-at-the-edge/terraform/terraform.tfvars

@@ -6,5 +6,3 @@ project_prefix = "jani-genai"
 app_domain = "jbgenai.f5-hyd-xcdemo.com"
 serviceName = "langchain-doc-qa-api.llm"
 serviceport = "8501"
-site_name = "jb-appstack"
-user_site = "true"

workflow-guides/smcn/genai-inference-at-the-edge/terraform/terraform.tfvars.example

@@ -16,4 +16,4 @@ xc_waf_blocking = true
 # pool and LB inputs
 serviceName = ""
 serviceport = ""
-site_name = ""
+

workflow-guides/smcn/genai-inference-at-the-edge/terraform/variables.tf

@@ -57,12 +57,6 @@ variable user_site {
   default     = "true"
 }
 
-variable "site_name" {
-  type        = string
-  description = "CE site name to advertise load balancer."
-  default     = ""
-}
-
 variable "k8s_pool" {
   type        = string
   description = "If pool is on k8s."

workflow-guides/smcn/genai-inference-at-the-edge/terraform/xc_loadbalancer.tf

@@ -20,7 +20,7 @@ resource "volterra_origin_pool" "op" {
       outside_network = true
       site_locator {
         site {
-          name      = var.site_name
+          name      = format("%s-appstack", var.project_prefix)
           namespace = "system"
           tenant    = var.xc_tenant
           }
@@ -35,11 +35,24 @@ resource "volterra_origin_pool" "op" {
   loadbalancer_algorithm  = "LB_OVERRIDE"
 }
 
+resource "volterra_app_firewall" "waap-tf" {
+  name                      = format("%s-firewall", var.project_prefix)
+  description               = format("WAF in block mode for %s", var.project_prefix)
+  namespace                 = var.xc_namespace
+  allow_all_response_codes  = true
+  default_anonymization     = true
+  use_default_blocking_page = true
+  default_bot_setting       = true
+  default_detection_settings= true
+  use_loadbalancer_setting  = true
+  blocking = true
+}
+
 resource "volterra_http_loadbalancer" "lb_https" {
   depends_on             = [volterra_origin_pool.op]
   name                   = format("%s-xclb", var.project_prefix)
   namespace              = var.xc_namespace
-  description            = format("HTTP loadbalancer object for %s origin server", var.project_prefix)
+  description            = format("HTTP load balancer object for %s origin server", var.project_prefix)
   domains                = [var.app_domain]
   advertise_on_public_default_vip = true
 
@@ -64,7 +77,10 @@ resource "volterra_http_loadbalancer" "lb_https" {
     weight = 1
 }
 
-  disable_waf                     = false
+  app_firewall {
+    name      = volterra_app_firewall.waap-tf.name
+    namespace = var.xc_namespace
+  }
   round_robin                     = true
   service_policies_from_namespace = true
   user_id_client_ip = true